Malware infects Macs through Microsoft Office vulnerability

Rogue emails distribute booby-trapped Microsoft Word file that installs Mac OS Trojan, researchers said

Security researchers have encountered new email-based targeted attacks that exploit a vulnerability in Microsoft Office to install a remote access Trojan horse program on Mac OS systems.

The rogue emails appear to target Tibetan activist organizations and distribute booby-trapped Microsoft Word documents that exploit a known remote code execution vulnerability in Microsoft Office for Mac, according to malware experts from security firm AlienVault.

"This is one of the few times that we have seen a malicious Office file used to deliver Malware on Mac OS X," said AlienVault security researcher Jaime Blasco in a blog post on Tuesday.

Security researchers from Mac antivirus vendor Intego believe that the attacks might become more widespread. "This malware is fairly sophisticated, and it is worth pointing out that the code in these Word documents is not encrypted, so any malware writer who gets copies of them may be able to alter the code and distribute their own versions of these documents," they said in a blog post on Thursday.

"The attack will be very effective on those who have not updated their copies of Microsoft Office, or aren't running antivirus software," the Intego researchers said.

If the vulnerability is exploited successfully, the rogue Word files will install a previously unknown Mac OS X Trojan horse. The remote attackers can instruct this malware to download, upload and delete files, or to start a remote shell on the system.

AlienVault believes that this attack was carried out by the same gang that last week distributed a similar Mac Trojan by exploiting a vulnerability in outdated Java installations.

This type of targeted attack, also known as spear phishing, has become common in recent years and is usually associated with government or corporate cyberespionage operations. However, the vast majority of spear phishing emails have so far targeted Windows users.

"While, in the past, we did not see this type of attack targeting Macs, it is clear that the game has changed, and that we are entering a new period of Mac malware," the Intego researchers said.

Mac users are advised to keep the software installed on their computers up to date, especially the popular applications, and to run an antivirus program at all times. Several Mac antivirus products are available for free.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?